Vulnerabilities > Microsoft > 365 Apps > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-16 | CVE-2020-16947 | Out-of-bounds Write vulnerability in Microsoft 365 Apps, Office and Outlook <p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. | 7.5 |
| 2020-10-16 | CVE-2020-16934 | Unspecified vulnerability in Microsoft 365 Apps, Office and Office 2013 Click-To-Run <p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. | 7.0 |
| 2020-10-16 | CVE-2020-16933 | Unspecified vulnerability in Microsoft products <p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. | 7.0 |
| 2020-10-16 | CVE-2020-16932 | Missing Initialization of Resource vulnerability in Microsoft products <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. | 7.8 |
| 2020-10-16 | CVE-2020-16931 | Use of Uninitialized Resource vulnerability in Microsoft products <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. | 7.8 |
| 2020-10-16 | CVE-2020-16930 | Out-of-bounds Write vulnerability in Microsoft 365 Apps and Office <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. | 7.8 |
| 2020-10-16 | CVE-2020-16929 | Use After Free vulnerability in Microsoft products <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. | 7.8 |
| 2020-10-16 | CVE-2020-16928 | Unspecified vulnerability in Microsoft 365 Apps and Office <p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. | 7.8 |
| 2020-10-16 | CVE-2020-16918 | Unspecified vulnerability in Microsoft 365 Apps and 3D Viewer <p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p> <p>An attacker who successfully exploited the vulnerability would gain execution on a victim system.</p> <p>The security update addresses the vulnerability by correcting how the Base3D rendering engine handles memory.</p> | 7.8 |
| 2020-09-11 | CVE-2020-1594 | Unspecified vulnerability in Microsoft 365 Apps, Excel and Office <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. | 7.8 |